Is Your Privacy Harmed If You Believe Others May Have Seen Private Info... Even If They Haven't?

from the privacy-questions dept

We've noted, repeatedly, that in various data breach cases, courts have consistently found that if the data was exposed but then not actually used for nefarious purposes, there's really no legal recourse. The standard argument is that, in such cases, there's no actual harm to be remedied. I can definitely see the reasoning there, though I do worry if that creates bad incentives concerning data protection. However, in a totally different (and much more tragic) situation, you can see how the "no one saw it" line of thinking doesn't make much sense at all. Ryan Calo discusses the story of Tyler Clementi, the Rutgers student who committed suicide a few months back, after his roommate supposedly broadcast his sexual encounters over the internet. The roommate is apparently now saying that no one, other than himself and a friend, ever saw the video, but Calo suggests that this is still a privacy violation:
The question of whether the defendants recorded or broadcast the web cam is highly relevant to whether there has been a privacy violation. Yet it is hardly relevant at all to the question of whether there has been a privacy harm.

What matters is what Clementi believed. If it turns out that Clementi killed himself because he believed the entire campus watched him have gay sex, then he suffered a severe subjective privacy harm. This is true whether or not the belief was accurate. Just as likely is that Clementi had no idea one way or another who saw the footage. The uncertainty could have been nearly as horrible to this desperate, mortified young man as an affirmative belief.
Calo is making an interesting, yet important, distinction here, between a privacy harm and a legal privacy violation. But it also highlights how the "harm" can come from a few different ways as well, including just the feeling of a loss of control, even if the information is not actually used negatively:
Clementi’s suicide forces us to confront the dual nature of privacy harm. Privacy harm is the objective consequences that flow from the loss of control over personal information. But it is also the subjective experience of that loss of control. This is so not only in the terrible case of Clementi, but in the everyday experiences of the consumer who is worried she will suffer identity theft following a data breach or the citizen who avoids making jokes about terrorism for fear that the NSA is reading his emails.

Filed Under: privacy, privacy harm, privacy violations

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    out_of_the_blue, 9 Nov 2010 @ 5:57pm

    Yes, making someone believe harm was / is going to be done, *is* harm.

    It's at least a threat, and since actually was a video, possible. Many forms of fraud threatening a criminal action *are* actionable. It certainly meets the standard for your title question.

    However, I don't get the point of your juxtaposing "data breaches" and a surreptitious video. This young guy *was* harmed, AND the NSA *is* reading your emails. Two harms don't cancel out.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: I Invented Email
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.